HIPAA HITECH MobileThe Health Insurance Portability and Accountability Act (HIPAA) was created to make the healthcare delivery system more cost effective and efficient. The main component HIPAA revolves around the standardization of electronic patient information which includes the transmission electronic bills and claims information. The new electronic format allows for an increased potential for medical records abuse or fraud. Therefore, a key part of HIPAA was to increase and standardized the confidentiality and security of patient healthcare data.

The Health Information Technology for Economic and Clinical Health Act (HITECH), made important changes to HIPAA, particularly with regards to "Improved Privacy Provisions and Security Provisions."

Any entities that handles, maintains, stores, or exchanges private healthcare or patient-related information, regardless of size, must fully comply with these privacy regulations. Entities found to be HIPAA non-compliant will face:

Costly penalties from the government (State and Federal)

Hefty Fines

Sole Liability

Criminal Offense

Loss of Patient Confidence

Data Breach Notification

Increased Compliance Audits

If your organization is unsure whether or not it is compliant with all of these privacy regulations, let Turner and Associates provide our expert guidance with our HIPAA / HITECH audit.

Turner and Associates will combine the COBIT and COSO frameworks to provide detailed testing of your organizations controls environment.

Just a few mandatory key areas we specifically test during our HIPAA / HITECH audit:

Administrative Safeguards:

Security Management Process

Assigned Security Responsibility

Workforce Security

Information Access Management

Security Awareness and Training

Security Incident Procedures

Contingency Plan


Business Associate Contracts and other Arrangements

Physical Safeguards

Facility Access Controls

Workstation Use

Workstation Security

Device and Media Controls

Technical Safeguards

Access Controls

Audit Controls


Person or Entity Authentication

Transmission Security

Thereafter, were gaps are identified, Turner and Associates' experts will recommend practical cost-effective solutions to ensure your organization meets compliance with all of the privacy regulations mandated by HIPAA / HITECH.